AMENDMENTS TO CLAIMS 



1. (currently amended): A system for encrypting a portion of token data, for recording said token data with a portion of said token data in an encrypted form on a computer readable medium, and for reading said token data and decrypting said portion of said token data, wherein

said system comprises a plurality of client computers and a server,

said server generates a secure transfer key pair and encrypts a private key of said secure transfer key pair,

said secure transfer key pair is transferred to each of said client computers in said plurality thereof with said private key of said secure transfer key pair in an encrypted form, and

each client computer in said plurality thereof is programmed to generate token data including said portion of said token data encrypted with a public key of said secure transfer key pair, to record said token data on a computer readable medium, to read said token data from said computer readable medium, to decrypt said private key of said secure transfer key pair, and to decrypt said portion of said token data with said private key of said secure transfer key pair.

2. (currently amended): The system of claim 1, wherein

each client computer in said plurality thereof generates a platform key pair,

a public key of said platform key pair is transferred to said server, and

said secure transfer key pair is transferred to each of said client computers in said plurality thereof with said private key of said secure transfer key pair encrypted with said public key of said platform key pair of said client computer, and each client computer in said plurality thereof stores said secure transfer key pair with said private key of said secure transfer key pair encrypted with said public key of said platform key pair and subsequently decrypts said private key of said secure transfer key pair with said private key of said platform key pair.

3. (original): The system of claim 2, wherein

each client computer in said plurality thereof includes a security subsystem having a subsystem processor and subsystem storage,

each client computer in said plurality thereof generates a hardware key pair within said security subsystem

a private key of said hardware key pair is stored in said subsystem storage, and

a private key of said platform key pair is encrypted with said hardware public key and is decrypted with said hardware private key in said security subsystem before said private key of said platform key pair is used to decrypt said private key of said secure transfer key pair within said security subsystem.

4. (original): The system of claim 1, wherein each client computer within said plurality of client computers is enabled to perform a predetermined task in response to decrypting said portion of said token data.

5. (original): The system of claim 1, wherein

each client computer in said plurality of client computers includes an input device for providing a numeric input,

said portion of said token data includes a PIN,

each client computer in said plurality of client computers, after decrypting said portion of said token data read from said computer readable medium, compares said PIN included within said token data with said numeric input provided through said input device, and

each of said client computers in said plurality thereof reads said secure transfer key pair with said private key of said secure transfer key pair in said encrypted form from said computer readable medium.

9. (currently amended): The system of claim 8, wherein

each client computer in said plurality thereof generates a platform key pair and writes a public key of said platform key pair on a first computer readable medium,

said server reads said public key of said platform key pair from each client computer in said plurality thereof, encrypts said private key of said secure transfer key pair with said public key of said platform key pair, and writes said secure transfer key pair on a second computer readable medium with said private key of said secure transfer key pair encrypted with said public key of said client computer, and

said client computer reads said secure transfer key pair with said private key of said secure transfer key pair encrypted with said public key of said client computer from said second computer readable medium, stores said secure transfer key pair with said private key of said secure transfer key pair encrypted with said public key of said platform key pair and subsequently decrypts said private key of said secure transfer key pair with said private key of said platform key pair.

10. (currently amended): A method within a computing system for encrypting token data, for recording said token data in an encrypted form on a computer readable medium, and for reading and decrypting token data recorded on a computer readable medium, wherein said method comprises:

receiving a secure transfer key pair generated within a server;

storing said secure transfer key pair;

after storing said secure transfer key pair, in response to an indication that token data is to be recorded, encrypting a portion of said token data with a public key of said secure transfer key pair; and recording said token data, including said portion of said token data encrypted with said public key of said secure transfer key pair on a computer readable medium; and

after storing said secure transfer key pair, in response to an indication that token data is to be read, reading said token data from a computer readable medium, and decrypting a portion of said data with a private key of said secure transfer key pair.

11. (original): The method of claim 10, wherein said secure transfer key pair is received from said server over a communications network.

12. (original): The method of claim 11, additionally comprising:

generating and storing a platform key pair;

transmitting a public key of said platform key pair to said server over said communications network, wherein said secure transfer key pair is subsequently received from said server encrypted with said public key of said platform key pair, and wherein said private key of said secure transfer key pair is stored encrypted with said public key of said platform key pair, and

decrypting said private key of said secure transfer key pair with said private key of said platform key pair before decrypting said portion of said data with said private key of said secure transfer key pair.

13. (original): The method of claim 10, wherein said secure transfer key pair is read from a computer readable medium.

14. (currently amended): The method of claim 13, additionally comprising:

generating and storing a platform key pair;

writing a public key of said platform key pair on a computer readable medium[[,]];

reading said secure transfer key pair from a computer readable medium encrypted with said public key of said platform key pair, and wherein said private key of said secure transfer key pair is stored encrypted with said public key of said platform key pair[[,]]; and

decrypting said private key of said secure transfer key pair with said private key of said platform key pair before decrypting said portion of said data with said private key of said secure transfer key pair.

15. (original): The method of claim 10, additionally comprising:

generating and storing a hardware key pair within a security subsystem of said computing system, wherein a private key of said hardware key pair is stored within said security subsystem of said computing system;

encrypting said private key of said platform key pair with said public key of said hardware key pair, wherein said platform key pair is stored with said private key of said platform key pair encrypted with said public key of said hardware key pair; and

decrypting said private key of said platform key pair with said private key of said hardware key pair within said security subsystem before decrypting said private key of said secure transfer key pair with said private key of said platform key pair.

16. (original): The method of claim 10, additionally comprising enabling performance of a predetermined task in response to decrypting said portion of said data with said private key of said secure transfer key pair.

17. (original): The method of claim 10, wherein

said portion of said token data includes a PIN, and

said method additionally comprises receiving a numeric input from an input device, comparing said PIN with said numeric input from said input device, and enabling performance of a predetermined task in response to determining an equivalence between said PIN and said numeric input.

18. (currently amended): A computer readable medium having recorded thereon computer executable instructions for performing a method within a computing system for encrypting token data, for recording said token data in an encrypted form on a computer readable medium, and for reading and decrypting token data recorded on a computer readable medium, wherein said method comprises:

receiving a secure transfer key pair from said a server;

storing said secure transfer key pair;

after storing said secure transfer key pair, in response to an indication that token data is to be recorded, encrypting a portion of said token data with a public key of said secure transfer key pair[[;]] and recording said token data, including said portion of said token data encrypted with said public key of said secure transfer key pair on a computer readable medium; and

after storing said secure transfer key pair, in response to an indication that token data is to be read, reading said token data from a computer readable medium, and decrypting a portion of said data with a private key of said secure transfer key pair.

19. (original): The computer readable medium of claim 18, wherein said secure transfer key pair is received from said server over a communications network.

20. (original): The computer readable medium of claim 19, wherein said method additionally comprises:

generating and storing a platform key pair;

transmitting a public key of said platform key pair to said server over said communications network, wherein said secure transfer key pair is subsequently received from said server encrypted with said public key of said platform key pair, and wherein said private key of said secure transfer key pair is stored encrypted with said public key of said platform key pair, and

decrypting said private key of said secure transfer key pair with said private key of said platform key pair before decrypting said portion of said data with said private key of said secure transfer key pair.

21. (original): The computer readable medium of claim 18, wherein said secure transfer key pair is read from a computer readable medium.

22. (currently amended): The computer readable medium of claim 21, wherein said method additionally comprises:

generating and storing a platform key pair;

writing a public key of said platform key pair on a computer readable medium[[,]];

reading said secure transfer key pair from a computer readable medium encrypted with said public key of said platform key pair, and wherein said private key of said secure transfer key pair is stored encrypted with said public key of said platform key pair[[,]]; and

decrypting said private key of said secure transfer key pair with said private key of said platform key pair before decrypting said portion of said data with said private key of said secure transfer key pair.

23. (original): The computer readable medium of claim 18, wherein said method additionally comprises:

generating and storing a hardware key pair within a security subsystem of said computing system, wherein a private key of said hardware key pair is stored within said security subsystem of said computing system;

encrypting said private key of said platform key pair with said public key of said hardware key pair, wherein said platform key pair is stored with said private key of said platform key pair encrypted with said public key of said hardware key pair; and

decrypting said private key of said platform key pair with said private key of said hardware key pair within said security subsystem before decrypting said private key of said secure transfer key pair with said private key of said platform key pair.

24. (original): The computer readable medium of claim 18, wherein said method additionally comprises enabling performance of a predetermined task in response to decrypting said portion of said data with said private key of said secure transfer key pair.

25. (original): The computer readable medium of claim 18, wherein:

said portion of said token data includes a PIN, and

said method additionally comprises receiving a numeric input from an input device, comparing said PIN with said numeric input from said input device, and enabling performance of a predetermined task in response to determining an equivalence between said PIN and said numeric input.

26. (currently amended): A process of providing electrical signals over a communications network causing computer storage to have stored therein computer executable instructions for performing a method within a computing system for encrypting token data, for recording said token data in an encrypted form on a computer readable medium, and for reading and decrypting token data recorded on a computer readable medium, wherein said method comprises:

receiving a secure transfer key pair from said a server;

storing said secure transfer key pair;

after storing said secure transfer key pair, in response to an indication that token data is to be recorded, encrypting a portion of said token data with a public key of said secure transfer key pair; and recording said token data, including said portion of said token data encrypted with said public key of said secure transfer key pair on a computer readable medium; and

after storing said secure transfer key pair, in response to an indication that token data is to be read, reading said token data from a computer readable medium, and decrypting a portion of said data with a private key of said secure transfer key pair.

27. (original): The process of claim 26, wherein said secure transfer key pair is received from said server over a communications network.

28. (original): The process of claim 27, wherein said method additionally comprises:

generating and storing a platform key pair;

transmitting a public key of said platform key pair to said server over said communications network, wherein said secure transfer key pair is subsequently received from said server encrypted with said public key of said platform key pair, and wherein said private key of said secure transfer key pair is stored encrypted with said public key of said platform key pair, and

decrypting said private key of said secure transfer key pair with said private key of said platform key pair before decrypting said portion of said data with said private key of said secure transfer key pair.

29. (original): The process of claim 26, wherein said secure transfer key pair is read from a computer readable medium.

30. (currently amended): The process of claim 29, additionally comprising:

generating and storing a platform key pair;

writing a public key of said platform key pair on a computer readable medium,

reading said secure transfer key pair from a computer readable medium encrypted with said public key of said platform key pair, and wherein said private key of said secure transfer key pair is stored encrypted with said public key of said platform key pair, and

decrypting said private key of said secure transfer key pair with said private key of said platform key pair before decrypting said portion of said data with said private key of said secure transfer key pair.

31. (original): The process of claim 26, wherein said method additionally comprises:

generating and storing a hardware key pair within a security subsystem of said computing system, wherein a private key of said hardware key pair is stored within said security subsystem of said computing system;

encrypting said private key of said platform key pair with said public key of said hardware key pair, wherein said platform key pair is stored with said private key of said platform key pair encrypted with said public key of said hardware key pair; and

decrypting said private key of said platform key pair with said private key of said hardware key pair within said security subsystem before decrypting said private key of said secure transfer key pair with said private key of said platform key pair.

32. (original): The process of claim 26, wherein said method additionally comprises enabling performance of a predetermined task in response to decrypting said portion of said data with said private key of said secure transfer key pair.

33. (original): The process of claim 26, wherein:

said portion of said token data includes a PIN, and

said method additionally comprises receiving a numeric input from an input device, comparing said PIN with said numeric input from said input device, and enabling performance of a predetermined task in response to determining an equivalence between said PIN and said numeric input.



09/802,200 






34. (currently amended): A method for enabling performance of a predetermined task in a remote computer system through use of an encrypted portion of token data recorded in a local computer, wherein said method comprises:

generating a secure transfer key pair within a server

transferring a said secure transfer key pair from said server to said local computer;

storing said secure transfer key pair within said local computer;

establishing communication between said remote computer and said server;

transferring said secure transfer key pair from said server to said remote computer;

storing said secure transfer key pair within said remote computer;

encrypting said portion of said token data within said local computer with a public key of said secure transfer key pair;

recording said token data, including said portion of said token data encrypted with said public key of said secure transfer key pair, within said local computer on a computer readable medium;

transporting said computer readable medium from said local computer to said remote computer; reading said token data, including said portion of said token data encrypted with said public key of said secure transfer key pair, within said remote computer from a computer readable medium;

decrypting said portion of said token data within said remote computer with a private key of said secure transfer key pair; and

enabling said performance of said predetermined task in said remote computer in response to said portion of said token data.

35. (currently amended): The method of claim 4S 34, wherein said secure transfer key pair is received from said server over a communications network.

36. (original): The method of claim 34, additionally comprising:

generating and storing a first platform key pair within said local computer; and

transmitting a public key of said first platform key pair to said server from said local computer, wherein said secure transfer key pair is subsequently received by said local computer from said server encrypted with said public key of said first platform key pair, and wherein said private key of said secure transfer key pair is stored within said local computer encrypted with said public key of said first platform key pair.

37. (original): The method of claim 34, wherein said secure transfer key pair is read from a computer readable medium.

38. (original): The method of claim 37, wherein said method additionally comprises:

generating and storing a platform key pair;

writing a public key of said platform key pair on a computer readable medium,

reading said secure transfer key pair from a computer readable medium encrypted with said public key of said platform key pair, and wherein said private key of said secure transfer key pair is stored encrypted with said public key of said platform key pair, and

decrypting said private key of said secure transfer key pair with said private key of said platform key pair before decrypting said portion of said data with said private key of said secure transfer key pair.

39. (original): The method of claim 34, additionally comprising:

generating and storing a first hardware key pair in a security subsystem of said local computer, wherein a private key of said hardware key pair is stored within said security subsystem of said local computer;

encrypting said private key of said first platform key pair with said public key of said first hardware key pair within said local computer, wherein said first platform key pair is stored within said local computer with said private key of said first platform key pair encrypted with said public key of said first hardware key pair.

40. (original): The method of claim 34, additionally comprising:

generating and storing a second platform key pair within said remote computer;

transmitting a public key of said second platform key pair to said server from said remote computer, wherein said secure transfer key pair is subsequently received by said remote computer from said server encrypted with said public key of said second platform key pair, and wherein said private key of said secure transfer key pair is stored within said remote computer encrypted with said public key of said second platform key pair, and

decrypting said private key of said secure transfer key pair with said private key of said second platform key pair within said remote computer before decrypting said portion of said data with said private key of said secure transfer key pair.

41. (original): The method of claim 34, additionally comprising:

generating and storing a second hardware key pair within a security subsystem of said remote computer, wherein a private key of said hardware key pair is stored within said security subsystem of said remote computer;

encrypting said private key of said second platform key pair with said public key of said second hardware key pair within said remote computer, wherein said second platform key pair is stored within said remote computer with said private key of said second platform key pair encrypted with said public key of said second hardware key pair; and

decrypting said private key of said second platform key pair with said private key of said second hardware key pair within said security subsystem of said remote computer before decrypting said private key of said secure transfer key pair with said private key of said second platform key pair.

42. (original): The method of claim 36, additionally comprising enabling performance of a predetermined task within said remote computer in response to decrypting said portion of said data with said private key of said secure transfer key pair.

43. (original): The method of claim 36, wherein

said portion of said token data encrypted with said public key of said secure transfer key pair includes a PIN, and

said method additionally comprises receiving a numeric input within said remote computer from an input device, comparing said PIN with said numeric input from said input device, and enabling performance of a predetermined task within said remote computer in response to determining an equivalence between said PIN and said numeric input.

44. (original): A method for establishing a plurality of associated client computers, wherein a client computer in said plurality of associated client computers performs a predetermined task in response to reading and decrypting token data recorded on a computer readable medium, wherein said method comprises:

generating a secure transfer key pair within a server;

transferring said secure transfer key pair from said server to each client computer in said plurality of associated client computers;

storing said secure transfer key pair within each client computer in said plurality of associated client computers;

encrypting a first portion of token data with a public key of said secure transfer key pair within a first client computer within said plurality of associated client computers;

recording token data on a computer readable medium, wherein said token data includes said first portion of token data encrypted with said public key of said secure transfer key pair, in said first client computer;

transferring said computer readable medium from said first client computer to a second client computer within said plurality of associated client computers; reading said token data on said second client computer; and

decrypting said token data encrypted with said public key of said secure transfer key pair with a private key of said secure transfer key pair in said second client computer.

45. (original): The method of claim 44, wherein

each client computer within said plurality of associated client computers generates a platform key pair,

a public key of said platform key pair is transferred from said client computer to said server,

said private key of said secure transfer key pair is encrypted within said server with said public key of said platform key pair,

said secure transfer key pair is transferred from said server to said client computer with a private key of said secure transfer key pair encrypted with said public key of said platform key pair.

46. (original): The method of claim 45, wherein said secure transfer key pair is transferred from said server to said client computer on a computer readable medium.

47. (original): The method of claim 45, wherein said secure transfer key pair is transferred from said server to said client computer by transmission over a communications network.

48. (original): The method of claim 45, additionally comprising:

generating and storing a hardware key pair within a security subsystem of said client system, wherein a private key of said hardware key pair is stored within said security subsystem of said client computer;

encrypting said private key of said platform key pair with said public key of said hardware key pair, wherein said platform key pair is stored with said private key of said platform key pair encrypted with said public key of said hardware key pair; and

decrypting said private key of said platform key pair with said private key of said hardware key pair within said security subsystem before decrypting said private key of said secure transfer key pair with said private key of said platform key pair.

49. (original): The method of claim 4© 45, wherein

a portion of said token data includes a PIN, and

said method additionally comprises receiving a numeric input from an input device, comparing said PIN with said numeric input from said input device, and enabling performance of a predetermined task in response to determining an equivalence between said PIN and said numeric input.

50. (original): A method for establishing a plurality of associated client computers, wherein a client computer in said plurality of associated client computers performs a predetermined task in response to reading and decrypting token data recorded on a computer readable medium, wherein said method comprises:

generating a secure transfer key pair within a server;

transferring said secure transfer key pair from said server to each client computer in said plurality of associated client computers; and

storing said secure transfer key pair within each client computer in said plurality of associated client computers.

51. (original): The method of claim 50, wherein

said method additionally comprises receiving a platform key pair from said client computer within said plurality of associated client computers before transferring said secure transfer key pair to said client computer,

said secure transfer key pair is transferred from said server to said client computer with a private key of said secure transfer key pair encrypted with said public key of said platform key pair.

52. (original): The method of claim 51, wherein said secure transfer key pair is transferred from said server to said client computer over a communications network.

53. (original): The method of claim 51, wherein said secure transfer key pair is transferred from said server to said client computer as data recorded on a computer readable medium.
